Doanh nghiệp nhỏ thường xử lý DSAR/GDPR/CCPA ra sao? Nhiều startup chỉ quan tâm khi gặp khủng hoảng. Quy trình gồm xác minh danh tính, thu thập dữ liệu, che giấu thông tin nhạy cảm... nhưng nhiều nơi chưa nghiêm túc. Ví dụ: email privacy@ của dự án Product Hunt không hoạt động. Bạn xử lý thủ công hay qua email? Tần suất nhận yêu cầu? Cần đầu tư quy trình phức tạp ngay không? #GDPR #DSAR #QuảnLýDữLiệu #Startup #Privacy #CôngNghệ #BảoMật

https://www.reddit.com/r/SaaS/comments/1pj0uq1/how_are_you_

@noybeu Is #EU's world-renowned #GDPR #privacy standard #sacrificed to Trumpian #Big #Tech? Will #SME's still have to bear all the #administrative burdens, while large #AI companies can steal and resell #copyrighted #personal data without providing #Data #Subject #Access #Rights (#dsar)?

California passed a DELETE Act: summary of the "old" federal bill and brief summary of how this bill will be applied.

California passed a law that would give consumers an easy singular interface to opt-out of processing by data brokers and require them to delete your data. Neat stuff, if it works. There's a lot of overlap between this and what we've been building with the Data Rights Protocol and I'm excited to see those overlaps pursued.

There’s nothing quite like a #dsar and defending the closure of an archival file on #dataprotection grounds to mark the fifth anniversary of the introduction of #GDPR.

🧑‍⚖️Certain national judges got this wrong (and still get this wrong).
They dismissed Art. 15(3) #DSAR #GDPR requests because the data subject had motivations other than those mentioned in recital 63 GDPR (namely, to become aware of the processing of hi…https://lnkd.in/epvWSB5X

Very happy to take part today in Warsaw to #TRADATAII panel : a great opportunity for lawyers around the EU. I will talk about the rights of the data subject and data subject access rights (#DSAR)

Today we tagged a new version of the Data Rights Protocol, a new “common denominator” for data rights interchange.

Over the coming months we’ll be integrating it in to Consumer Reports’ Permission Slip and a number of #privacy / data management middleware providers will be integrating it for their customers to provide a simple unified messaging protocol for communicating #datarights requests like data sale #optout, deletion portability and #DSAR between end users and businesses through this ecosystem of authorized agents and privacy infrastructure providers.

This work will stream-line data rights access for consumers and businesses by moving the cost of identity verification to a one-time action performed by Agent applications, and provide a simple taxonomy for companies to automate their data rights pipelines around.

The system we’re designing operates more like a network of notaries than any sort of self-sovereign hardware-crypto backed decentralized identity system that folks on the Fediverse may be excited by, but this has been designed to target the technology that average consumers and businesses are accessing today while leaving the door open for more exciting technology down the line. It’s JSON, HTTP, and libsodium.

Without regulatory intervention a system like this will never be comprehensive – there is little reason for the nastier data brokers in @yaelwrites@mastodon.social ‘s BADBOOL to implement a DRP interface, but for companies that respect consumers DRP would be a slick part of an automated Data Management/Access/Deletion system that would be cheaper and more resilient than paying a bunch of paralegals to look at blurry smartphone photos of ID cards all day long. With the California Attorney General's recent announcement that requests submitted by services like Permission Slip should be respected, it's natural for businesses and advocates to build systems that can scale these requests up to a society that wants them but feels disempowered to exercise them in a meaningful way. Data Rights are not going away and ignoring even these baseline rights isn't going to work out so well.

I’ve been really happy to work with @kevinriggle@ioc.exchange on moving the DRP forward toward this 1.0 implementation vision, sharpening our safety/security focus, and building something which is informed by more than just my experience/scars serving DSAR and Portability requests at my last job.

I am busy, looking at my #LabourParty #DSAR reply, knowing I should read it, knowing that stuff is missing, but it took them a long time to send it to me, so I think it can wait although things change so quickly